Code Coverage |
||||||||||
Classes and Traits |
Functions and Methods |
Lines |
||||||||
| Total | |
0.00% |
0 / 1 |
|
80.00% |
4 / 5 |
CRAP | |
95.00% |
19 / 20 |
| AclVoter | |
0.00% |
0 / 1 |
|
80.00% |
4 / 5 |
9 | |
95.00% |
19 / 20 |
| setAclExtensionSelector | |
100.00% |
1 / 1 |
1 | |
100.00% |
2 / 2 |
|||
| vote | |
0.00% |
0 / 1 |
5.01 | |
93.33% |
14 / 15 |
|||
| getObject | |
100.00% |
1 / 1 |
1 | |
100.00% |
1 / 1 |
|||
| getSecurityToken | |
100.00% |
1 / 1 |
1 | |
100.00% |
1 / 1 |
|||
| getAclExtension | |
100.00% |
1 / 1 |
1 | |
100.00% |
1 / 1 |
|||
| <?php | |
| namespace Oro\Bundle\SecurityBundle\Acl\Voter; | |
| use Oro\Bundle\SecurityBundle\Acl\Domain\PermissionGrantingStrategyContextInterface; | |
| use Oro\Bundle\SecurityBundle\Acl\Extension\AclExtensionInterface; | |
| use Oro\Bundle\SecurityBundle\Acl\Extension\AclExtensionSelector; | |
| use Symfony\Component\Security\Acl\Exception\InvalidDomainObjectException; | |
| use Symfony\Component\Security\Acl\Voter\AclVoter as BaseAclVoter; | |
| use Symfony\Component\Security\Acl\Voter\FieldVote; | |
| use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; | |
| /** | |
| * This voter uses ACL to determine whether the access to the particular resource is granted or not. | |
| */ | |
| class AclVoter extends BaseAclVoter implements PermissionGrantingStrategyContextInterface | |
| { | |
| /** | |
| * @var AclExtensionSelector | |
| */ | |
| protected $extensionSelector; | |
| /** | |
| * An object which is the subject of the current voting operation | |
| * | |
| * @var mixed | |
| */ | |
| private $object = null; | |
| /** | |
| * The security token of the current voting operation | |
| * | |
| * @var mixed | |
| */ | |
| private $securityToken = null; | |
| /** | |
| * An ACL extension responsible to process an object of the current voting operation | |
| * | |
| * @var AclExtensionInterface | |
| */ | |
| private $extension = null; | |
| /** | |
| * Sets the ACL extension selector | |
| * | |
| * @param AclExtensionSelector $selector | |
| */ | |
| public function setAclExtensionSelector(AclExtensionSelector $selector) | |
| { | |
| $this->extensionSelector = $selector; | |
| } | |
| /** | |
| * {@inheritdoc} | |
| */ | |
| public function vote(TokenInterface $token, $object, array $attributes) | |
| { | |
| $this->securityToken = $token; | |
| $this->object = $object instanceof FieldVote | |
| ? $object->getDomainObject() | |
| : $object; | |
| try { | |
| $this->extension = $this->extensionSelector->select($object); | |
| } catch (InvalidDomainObjectException $e) { | |
| return self::ACCESS_ABSTAIN; | |
| } | |
| // replace empty permissions with default ones | |
| for ($i = 0; $i < count($attributes); $i++) { | |
| if (empty($attributes[$i])) { | |
| $attributes[$i] = $this->extension->getDefaultPermission(); | |
| } | |
| } | |
| $result = parent::vote($token, $object, $attributes); | |
| $this->extension = null; | |
| $this->object = null; | |
| $this->securityToken = null; | |
| return $result; | |
| } | |
| /** | |
| * {@inheritdoc} | |
| */ | |
| public function getObject() | |
| { | |
| return $this->object; | |
| } | |
| /** | |
| * {@inheritdoc} | |
| */ | |
| public function getSecurityToken() | |
| { | |
| return $this->securityToken; | |
| } | |
| /** | |
| * {@inheritdoc} | |
| */ | |
| public function getAclExtension() | |
| { | |
| return $this->extension; | |
| } | |
| } |